| Summary: | Undefined left shift in blit functions | ||
|---|---|---|---|
| Product: | SDL | Reporter: | James Legg <jlegg> |
| Component: | video | Assignee: | Sam Lantinga <slouken> |
| Status: | RESOLVED FIXED | QA Contact: | Sam Lantinga <slouken> |
| Severity: | normal | ||
| Priority: | P2 | ||
| Version: | HG 2.1 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Attachments: | Patch | ||
Patch added, thanks! https://hg.libsdl.org/SDL/rev/e58323b0cf8e |
Created attachment 4359 [details] Patch With the right inputs, undefined behaviour sanitizer reports that some left shifts in some blit functions such as Blit_3or4_to_3or4__inversed_rgb are undefined. This occurs when an input pixel with an alpha value > 127 is present and dstfmt->Ashift is 24. The Uint8 alpha value is promoted to a (signed) int because of the bit shift, however values of 0x80 or more shifted left 24 places are not representable by an int, assuming a platform with 32 bit ints. Explicitly casting the Uint8 alpha value to a Uint32 before the shift, as in the attach patch, allows the result type of the shift expression to hold the correct result without undefined behaviour.